PT-2019-8702 · Forgerock · Openam

Yasushi Iwakata

Publicado

2019-02-13

Atualizado

2019-02-22

CVE-2018-0696

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenAM (Open Source Edition) versions prior to 13.0

Description The issue allows remote authenticated attackers to change security questions and reset the login password.

Recommendations For versions prior to 13.0, update to version 13.0 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-0696

Openam